Optimization #6502: schema: avoid - and . in keys - Suricata - Open Information Security Foundation

Actions

Copy link

Optimization #6502

open

schema: avoid - and . in keys

Added by Philippe Antoine 6 months ago. Updated 6 months ago.

Status:

New

Priority:

Normal

Assignee:

OISF Dev

Target version:

8.0.0-beta1

Effort:

Difficulty:

Label:

Description

From @Jason Ish

- don't break Elastic, just makes queries harder. '.' will break Elastic and some tools.

git grep '-' etc/schema.json . yields
- bittorrent-dht
- ftp-data
- icmp-prohib
- tcp-reset
- reject-target

These should use underscore

Related issues 1 (1 open — 0 closed)

History
Notes
Property changes

Actions

Copy link

Updated by Philippe Antoine 6 months ago

Related to Documentation #6478: schema: add missing fields added

Actions

Copy link

Updated by Philippe Antoine 6 months ago

alert.signature-id would be taken as a math expression.

Actions

Copy link

Updated by Philippe Antoine 6 months ago

Need some CI check after fixing the few fields

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Suricata

Custom queries

Optimization #6502

schema: avoid - and . in keys

Updated by Philippe Antoine 6 months ago

Updated by Philippe Antoine 6 months ago

Updated by Philippe Antoine 6 months ago